Biometric authentication for paper-based transactions

ABSTRACT

Apparatus and methods for protecting biometric authentication information associated with a paper document are provided. A mobile device application may pre-associate the document with a biometric input. The mobile device application may generate a first composite hash value based on a combination of a numerical representation of a first image of the paper document and a numerical representation of a first biometric input. Subsequently, an authentication server may generate a second composite hash value based on a combination of a numerical representation of a second image of the paper document and a numerical representation of a second biometric input. The authentication server may determine whether an edit distance separating the second composite hash value and the first composite hash value is less than a threshold distance. If the edit distance is less than a threshold distance, the paper document may be authenticated.

FIELD OF TECHNOLOGY

This disclosure relates to authentication of paper-based transactions.Specifically, this disclosure relates to protecting biometricauthentication information that is associated with a paper document orfinancial instrument.

BACKGROUND

Business transactions often require paper documents issued by one of thetransaction parties. The issuing party may transfer the paper documentto another transaction party. For example, one party may issue a papercheck as payment to another party.

At some point after the paper document has been transferred, thevalidity of the document may require authentication. In the case of apaper check, the check may require authentication at the time it ispresented for deposit. The bank of the issuing party may hold payment ofthe check amount until the bank has verified the identity of the issuingparty.

Conventionally, a paper document is authenticated based on a signature.In the case of a paper check, the bank of the issuing party may verifythe signature of the issuing party on a check presented for deposit. Thebank may authenticate the check based on the customer signature.

Authenticating a document based on a signature presents serious securityrisks. A signature may be forged or otherwise imitated. A more securemethod of authentication relies on a unique biometric indicator such afingerprint or a retinal scan. However, a paper document is not easilyadapted to incorporate such forms of biometric authentication. Moreover,associating a biometric indicator with a paper document exposessensitive biometric information to tampering or theft.

It would be desirable, therefore, to provide apparatus and methods thatincorporate biometric authentication into a paper-based transaction. Itwould be desirable to provide biometric authentication in a securemanner that protects against exposure of the biometric information.

SUMMARY OF THE DISCLOSURE

Apparatus and methods for protected biometric authentication of apaper-based transaction are provided.

The apparatus and methods may pre-associate a paper document withbiometric authentication information. The paper document may be a check.

The check issuer may capture an image of the issued check at a mobiledevice. The check issuer may capture a biometric input at a mobiledevice. The mobile device may generate a first composite hash valuebased on a combination of a numerical representation of the check imageand a numerical representation of the biometric input. Combining thebiometric input with the check image prior to hashing, renders itextremely difficult for a person of malicious intent to derive thebiometric information.

After the check passes out of issuer control, it may be authenticated byan authentication server. The authentication server may receive an imageof a paper check for authentication. The authentication server maygenerate a second composite hash value based on a combination ofnumerical representation of the check image with a numericalrepresentation of stored biometric registration information. Thebiometric registration information may have been previously associatedwith an account.

The authentication server may calculate a distance separating the secondcomposite hash value from the first composite hash value. The distancemay be an edit distance. If the edit distance is less than a thresholddistance, the authentication server may authenticate the check. Theauthentication may comprise a release of funds from a check issueraccount. If the edit distance is greater than a threshold distance, theauthentication server may lock the check issuer account, the lockingcomprising denying a release of funds from the check issuer account.

BRIEF DESCRIPTION OF THE DRAWINGS

The objects and advantages of the invention will be apparent uponconsideration of the following detailed description, taken inconjunction with the accompanying drawings, in which like referencecharacters refer to like parts throughout, and in which:

FIG. 1A shows an illustrative process flow in accordance with principlesof the invention;

FIG. 1B shows an illustrative process flow in accordance with principlesof the invention;

FIG. 2A shows an illustrative process flow in accordance with principlesof the invention;

FIG. 2B shows an illustrative process flow in accordance with principlesof the invention;

FIG. 3 shows an illustrative process flow in accordance with principlesof the invention;

FIG. 4 shows an illustrative process flow and apparatus in accordancewith principles of the invention; and

FIG. 5 shows an illustrative process flow in accordance with theprinciples of the invention.

DETAILED DESCRIPTION

Apparatus and methods for protected biometric authentication of apaper-based transaction are provided. The invention may include methodsand apparatus as set forth in application Ser. No. 15/258,110,“Encrypted Biometric Authentication,” which is hereby incorporated byreference herein in its entirety.

A transaction involving two or more parties may include one or morepaper documents. The paper document may be a financial instrument, acontract, an invoice, an affidavit, or any suitable paper document.

In some embodiments, the paper document may be a paper check. The checkissuer may be a customer of a financial institution. The financialinstitution may provide the customer with a mobile device applicationfor associating an issued paper check with a biometric input. Thecustomer may download the mobile device application from the financialinstitution to a customer mobile device. The mobile device may be amobile phone, a smartphone, a smartwatch, a tablet, a laptop, or anysuitable mobile device.

The mobile device application may include image capture capabilities.The mobile device application may capture a first image of the papercheck.

The mobile device application may include the capability to receive abiometric input. In response to capturing the first check image, themobile device application may offer the customer an option to associatethe image with a biometric input. The mobile device may capture thebiometric input. The mobile device may capture the biometric input via atouchscreen, camera, scanner, voice recorder or any other suitablefunction of the mobile device. The biometric input may be a fingerprintscan, a retinal scan, a voiceprint, a photograph, a heartbeat signatureor any other suitable biometric input.

In response to receiving the biometric input, the mobile deviceapplication may randomly generate an authentication number. The issuanceof a RGAN indicates biometric confirmation of the check image, but theRGAN itself does not include any biometric information.

The randomly generated authentication number (RGAN) may be transferredto the face of the check in any suitable manner. For example, thecustomer may write or print the RGAN on the face of the check. Themobile device application may transmit the RGAN to the financialinstitution. The financial institution may store the RGAN. The financialinstitution may store the RGAN along with other transactional data. Thefinancial institution may store the RGAN on an authentication server.

The mobile device application may generate a numerical representation ofthe captured first check image. The numerical representation may begenerated from a digital file. The numerical representation may be amatrix or any other suitable numerical representation.

The mobile device application may generate a numerical representation ofthe biometric input. The numerical representation may be generated froma digital file. The numerical representation may be a matrix or anyother suitable numerical representation.

The mobile device application may generate a first composite hash valuebased on a combination of the numerical representation of the firstcheck image and the numerical representation of the biometric input. Themobile device application may use a convolution algorithm or any othersuitable method to combine the numerical representations of the checkimage and the biometric input.

The biometric input and the numerical representation of the biometricinput may be restricted to the customer mobile device. In someembodiments, the mobile device application may delete the biometricinput and the numerical representation of the biometric input followinggeneration of the first composite hash value.

The mobile device application may transmit the first composite hashvalue to the financial institution. The financial institution may storethe first composite hash value. The financial institution may store thefirst composite hash value along with other transactional data. Thefinancial institution may store the first composite hash value on anauthentication server.

A composite hash value provides a way to associate biometric informationwith a paper document. Further, the biometric information associatedwith the document is protected during transmission because it isintegrated into the composite hash value. A numerical representation ofthe biometric input could potentially be intercepted and analyzed toderive the customer biometric information. The composite hash valuegenerated by the mobile device application provides stronger protection,because it is based on a combination of the biometric input and thedocument image. Restricting transmission to the composite hash valueenables association of the document with a biometric indicator, whilestill protecting sensitive customer information.

When the paper document is a check, using the check image for protectiveconvolution with the biometric input presents several benefits. Becausethe check image itself is a component of the composite hash value, whenthe check is presented for authentication, one of the pieces needed toverify the composite hash value is already present. The check itselfalso includes information for identifying a customer account. Storedbiometric information registered with the customer account may providethe other component needed to verify the composite hash value.

An authentication server may receive a second image of a check forauthentication. The authentication server may be associated with thecustomer financial institution. The check may be a check presented fordeposit. The check may be presented for deposit at an ATM, at afinancial institution branch, via online banking, via a mobile deviceapplication, or via any suitable banking channel. The second check imagemay be captured by the banking channel at the time of deposit. Thesecond check image may be transmitted from the banking channel to theauthentication server for authentication.

The authentication server may identify a RGAN in the second check image.The authentication server may identify the RGAN based on a segmentextracted from the second check image.

The authentication server may identify transactional data associatedwith the second check image. The authentication server may identify thetransactional data based on a segment extracted from the second checkimage. The authentication server may determine whether the transactionaldata includes a stored RGAN. The RGAN in the second check image may becompared to the stored RGAN.

If the RGAN in the second check image does not match the RGAN from thetransactional data, the authentication server may decline toauthenticate the check. In some embodiments, the authentication servermay terminate the authentication process. In some embodiments, theauthentication server may attempt to authenticate the check via analternate method of authentication.

If the RGAN in the second check image matches the RGAN from thetransactional data, the authentication server may authenticate thecheck. In response to authenticating the check, the financialinstitution may release funds in the amount of the check. Theauthentication server may require one or more additional forms ofverification before authenticating the check. The financial institutionmay require one or more additional forms of verification beforereleasing the funds.

Authentication based on a RGAN may be a first level of authentication.In some embodiments, the authentication server may apply a second levelof authentication. The second level of authentication may be based on acomposite hash value that associates the check with a biometric input.The authentication server may apply a second level of authentication ifthe RGAN on the face of the check does not match the stored RGAN.Alternatively, the authentication server may apply a second level ofauthentication if the RGAN does match the stored RGAN. In someembodiments, the authentication server may apply only the first level ofauthentication or only the second level of authentication.

The authentication server may generate a numerical representation of thesecond check image. The numerical representation may be generated from adigital image file. The numerical representation may be a matrix or anyother suitable numerical representation.

The authentication server may identify a customer account associatedwith the second check image. The authentication server may identify theaccount based on a segment extracted from the check image. Theauthentication server may identify biometric registration informationpreviously associated with the customer account. The biometricregistration information may be registered at the time the account iscreated or at a later time. The biometric registration information maybe captured by any suitable banking channel. The biometric registrationinformation may be stored on a secure server. The authentication servermay retrieve the stored biometric registration information.

The authentication server may generate a numerical representation of thebiometric registration information. The numerical representation may begenerated from a digital image file. The numerical representation may bea matrix or any other suitable numerical representation.

The authentication server may generate a second composite hash valuethat is based on a combination of the numerical representation of thesecond check image and the numerical representation of the biometricregistration. The numerical representations of the second check imageand the biometric registration information may be combined via aconvolution algorithm or by any suitable method.

The authentication server may calculate a distance separating the secondcomposite hash value from the first composite hash value. The distancemay be an edit distance. The edit distance may be a Hamming distance.

The edit distance may be compared to a predetermined threshold distance.If the edit distance is less than the threshold distance, theauthentication server may authenticate the check. Authenticating thecheck may comprise authorizing a release of funds from the customeraccount. The authentication server may transmit an instructionauthorizing the release of funds.

If the edit distance is greater than the threshold distance, theauthentication server may decline to authenticate the check. Theauthentication server may lock the customer account. Locking thecustomer account may comprise transmitting an instruction denying arelease of funds from the customer account.

In some embodiments, the biometric registration information may includemultiple versions of a biometric input. For example, when the biometricinput is a fingerprint scan, the biometric registration information mayinclude multiple scans with slight differences in finger positioning.The multiple scans ensure that a subsequent biometric input at a mobiledevice will correspond to the biometric registration informationregardless of positioning.

In an embodiment in which the customer biometric registrationinformation includes multiple versions of the biometric input,authentication may include generating numerical representations of eachversion of the biometric registration information. Each of thesenumerical representations may be combined with the numericalrepresentation of the second check image to generate a set of secondcomposite hash values. The authentication server may calculate distancesseparating each of these second composite hash values from the firstcomposite hash value. If any of the distances is less than the thresholddistance, the authentication server may authenticate the check.

Apparatus and methods described herein are illustrative. Apparatus andmethods in accordance with this disclosure will now be described inconnection with the figures, which form a part hereof. The figures showillustrative features of apparatus and method steps in accordance withthe principles of this disclosure. It is to be understood that otherembodiments may be utilized and that structural, functional andprocedural modifications may be made without departing from the scopeand spirit of the present disclosure.

The steps of methods may be performed in an order other than the ordershown and/or described herein. Embodiments may omit steps shown and/ordescribed in connection with illustrative methods. Embodiments mayinclude steps that are neither shown nor described in connection withillustrative methods.

Illustrative method steps may be combined. For example, an illustrativemethod may include steps shown in connection with another illustrativemethod.

Apparatus may omit features shown and/or described in connection withillustrative apparatus. Embodiments may include features that areneither shown nor described in connection with the illustrativeapparatus. Features of illustrative apparatus may be combined. Forexample, an illustrative embodiment may include features shown inconnection with another illustrative embodiment.

FIGS. 1A and 1B show two parts of illustrative process flow 100. Process100 shows a biometric authentication process for a paper check. Inprocess 100, Customer A may be a customer of a financial institution. Atstep 101, Customer A issues a check. The check may be issued as part ofa payment to Customer B.

Customer A may be in possession of a mobile device. A mobile deviceapplication (MDA) for biometric authentication may be installed on themobile device. The MDA may be provided by the financial institution. TheMDA may be downloaded by the customer from the financial institution.

At step 102, the MDA captures an image of the issued check before it istransferred to Customer B. The MDA may offer Customer A the option toassociate the check image with a biometric input. At step 103, the MDAcaptures a biometric input from Customer A. The biometric input may be afingerprint scan, a retinal scan, a voiceprint, a photograph, aheartbeat signature or any other suitable biometric input. The MDA maybe configured to receive the biometric input using a mobile devicetouchscreen, camera, scanner, voice recorder or any other suitablefunction of the mobile device.

At step 104, the MDA generates a numerical representation of the checkimage. The MDA also generates a numerical representation of thebiometric input.

At step 105, the MDA combines the numerical representations of the checkimage and the biometric input. The MDA may use a convolution algorithmor any other suitable method to combine the numerical representations ofthe check image and the biometric input. The MDA generates a firstcomposite hash value based on the combination of the numericalrepresentations.

At step 106, the MDA transmits the first composite hash value to aserver for storage. The server may be associated with the financialinstitution. The server may store transaction information. The servermay be an authentication server.

FIG. 1B shows additional elements of process 100, following transfer ofthe paper check to Customer B. At step 107, Customer B deposits thecheck issued by Customer A. Customer B may deposit the check at aself-service kiosk, via online banking, via a mobile device, atfinancial center or via any other suitable banking channel. The bankingchannel may capture an image of the deposited check. The banking channelmay transmit the check image to an authentication server forauthentication.

At step 108, the authentication server receives the check image forauthentication. At step 109, the authentication server generates anumerical representation of the check image.

At step 110, the authentication server identifies biometric registrationinformation for Customer A. The authentication server may identify anaccount associated with Customer A based on a segment extracted from thecheck image (not shown). The authentication server may identify CustomerA by name from a text segment extracted from the check image. Theauthentication server may identify biometric registration informationpreviously associated with the Customer A account. The biometricregistration information may be a biometric input. The biometricregistration information may be stored on a secure server.

At step 111, the authentication server generates a numericalrepresentation of the biometric registration information. At step 112,the authentication server combines the numerical representations of thecheck image and the biometric registration information. Theauthentication server may use a convolution algorithm or any othersuitable method to combine the numerical representations of the checkimage and the biometric input. The authentication server generates asecond hash value based on the combination of the numericalrepresentations.

The authentication server may calculate a distance separating the secondcomposite hash value from the first composite hash value (not shown).The distance may be an edit distance. At step 113, the authenticationserver authenticates the check if the distance separating the secondcomposite hash value and the first composite hash value is less than athreshold distance.

FIGS. 2A and 2B show two parts of illustrative process flow 200. One ormore of the steps shown in process 200 may correspond to steps shown inFIGS. 1A and 1B. Process 200 shows a biometric authentication processfor a paper check. In process 200, Customer A may be a customer of afinancial institution. At step 201, Customer A issues a check. The checkmay be issued as part of a payment to Customer B.

Customer A may be in possession of a mobile device. A mobile deviceapplication (MDA) for biometric authentication may be installed on themobile device. The MDA may be provided by the financial institution. TheMDA may be downloaded by Customer A from the financial institution.

At step 202, the MDA captures an image of the issued check before it istransferred to Customer B. The MDA may offer Customer A an option toassociate the check image with a biometric input. At step 203, the MDAcaptures a biometric input from Customer A. The biometric input may be afingerprint scan, a retinal scan, a voiceprint, a photograph, aheartbeat signature or any other suitable biometric input. The MDA maybe configured to receive the biometric input using a mobile devicetouchscreen, camera, scanner, voice recorder or any other suitablefunction of the mobile device.

At step 204, in response to capture of the biometric input, the MDAgenerates a randomly generated authentication number (RGAN). The RGAN isevidence of biometric confirmation of the check image, but the RGANitself does not include any biometric information. At step 205, CustomerA transfers the RGAN to the face of the issued paper check. At step 206,the MDA transmits the RGAN to a server for storage. The server may beassociated with the financial institution. The server may storetransaction information. The server may be an authentication server.

FIG. 2B shows additional elements of process flow 200, followingtransfer of the paper check to Customer B. At step 207, Customer Bdeposits the check issued by Customer A. Customer B may deposit thecheck at a self-service kiosk, via online banking, via a mobile device,at financial center or via any other suitable banking channel. Thebanking channel may capture an image of the deposited check. The bankingchannel may transmit the check image to an authentication server forauthentication.

At step 208, the authentication server receives the check image forauthentication. At step 209, the authentication server identifies a RGANin the check image. The RGAN may be extracted from a segment of thecheck image. At step 210, the RGAN from the check image may be comparedto the stored RGAN. At step 211, if the RGANs match, the authenticationserver authenticates the check. At step 212, if the RGANs do not match,the authentication process continues with an alternate form ofauthentication.

FIG. 3 shows illustrative process flow 300. One or more of the stepsshown in FIG. 3 may correspond to steps shown in FIGS. 1A, 1B, 2A and2B. Process 300 shows association of biometric authenticationinformation with a paper check. In process 300, a MDA generates both acomposite hash value and an RGAN to prepare an issued check for multiplepaths of biometric authentication.

FIG. 4 shows hybrid apparatus/process flow 400. Step 401 shows a checkissued by Customer A. Step 402 shows an image of the check captured byCustomer A at a mobile device. Step 403 shows capture of a biometricinput from Customer A. At steps 404 and 405, the mobile device generatesa RGAN and a composite hash value for use in subsequent authenticationof the check. The mobile device transmits the RGAN and the compositehash value via network 406. The RGAN does not include biometricinformation. The composite hash value includes protected biometricinformation that has been converted to a numeric representation andprotected by convolution with a numeric representation of the checkimage prior to hashing. The transmitted RGAN and the transmittedcomposite hash value are stored securely on server 407.

FIG. 5 shows illustrative process flow 500. In process 500, Customer Aregisters biometric information with a financial institution. At step501, Customer A enters a biometric registration input. The biometricregistration input may be a fingerprint scan, a retinal scan, aphotograph, a voiceprint, a heartbeat signature or any suitablebiometric registration input. Customer A enters multiple versions of thebiometric input. For example, if the biometric input is a fingerprintscan, Customer A may scan the fingerprint three separate times, eachtime slightly shifting the position of the finger on the scanner.

At step 502, the biometric registration information is associated with aCustomer A account. This association facilitates access to the biometricregistration information for subsequent authentication of a documentthat is also associated with the account. At step 503, the biometricregistration information is stored on a secure financial institutionserver.

Thus, methods and apparatus for protected biometric authentication of apaper-based transaction have been provided. Persons skilled in the artwill appreciate that the present invention can be practiced by otherthan the described embodiments, which are presented for purposes ofillustration rather than of limitation. The present invention is limitedonly by the claims that follow.

What is claimed is:
 1. A system for protecting biometric authenticationinformation associated with a paper check based, at least in part, on aconvolution of a biometric input and a check image, the systemcomprising: a check issuer device configured to pre-associate a papercheck with biometric authentication information, the device comprising:a camera configured to capture a first image of a paper check; abiometric scanner configured to capture a first biometric input from thecheck issuer; and a first processor configured to: convert the firstcheck image to a numerical representation of the first check image;convert the first biometric input to a numerical representation of thefirst biometric input; and generate a first composite hash value, thefirst composite hash value based on a convolution of the numericalrepresentation of the first check image and the numerical representationof the first biometric input; and an authentication device configured toauthenticate a paper check, the authentication device comprising: areceiver configured to receive a second image of a paper check from abanking channel; and a second processor configured to: based on one ormore data segments extracted from the second check image, identify acheck issuer account associated with the second check image; retrieve asecond biometric input previously associated with the check issueraccount; convert the second check image to a numerical representation ofthe second check image; convert the second biometric input to anumerical representation of the second biometric input; generate asecond composite hash value, the second composite hash value based on acombination of the numerical representation of the second check imageand the numerical representation of the second biometric input; when anedit distance separating the second composite hash value from the firstcomposite hash value is less than a predetermined threshold distance,authenticate the check, the authentication comprising transmitting aninstruction to release funds from the check issuer account; and when theedit distance separating the second composite hash value from the firstcomposite hash value is greater than a predetermined threshold distance,lock the check issuer account, the locking comprising transmitting aninstruction denying a release of funds from the check issuer account. 2.The system of claim 1 wherein: the first biometric input and thenumerical representation of the first biometric input are restricted tothe check issuer device; and the first composite hash number is notrestricted to the check issuer device.
 3. The system of claim 1 whereinthe second biometric input comprises multiple versions of a biometricinput.
 4. The system of claim 3 wherein the second processor isconfigured to: generate multiple versions of the second composite hashvalue, each version of the second composite hash value based on acombination of the numerical representation of the second check imageand a numerical representation of a version of the second biometricinput; authenticate the check when an edit distance separating anyversion of the second composite hash value from the first composite hashvalue is less than the predetermined threshold distance; and denyauthentication of the check when the edit distance separating everyversion of the second composite hash value from the first composite hashvalue is greater than the predetermined threshold distance.
 5. Thesystem of claim 1 wherein the first processor is further configured to:generate a first randomly generated authentication number (RGAN) fortransfer to the face of the paper check; and associate the first RGANwith stored transaction information for the paper check.
 6. The systemof claim 5 wherein the second processor is further configured to: basedon one or more data segments extracted from the second check image,identify a second RGAN associated with the second check image; based onone or more data segments extracted from the second check image,identify transaction information associated with the second check image,the transaction information comprising the first RGAN; and generate thesecond composite hash value when the second RGAN does not correspond tothe first RGAN.
 7. A method for protecting biometric authenticationinformation associated with a paper check based on convolution of abiometric input and a check image, the method comprising: at a checkissuer device, pre-associating a paper check with biometricauthentication information from a check issuer, the pre-associationcomprising: capturing a first image of the paper check capturing a firstbiometric input using the check issuer device, and converting the firstbiometric input and the first image to a first composite hash value, thefirst composite hash value based, at least in part, on convolution of anumerical representation of the first check image and the numericalrepresentation of the first biometric input; wherein, the firstbiometric input and the numerical representation of the first biometricinput are deleted from the check user device following generation of thefirst composite hash value; and at an authentication device,authenticating a paper check based, at least in part, on pre-associatedbiometric authentication information, the authentication comprising:capturing a second image of the paper check; based on one or more datasegments extracted from the second image, identifying a check issueraccount; retrieving a second biometric input previously associated withthe check issuer account and stored within a secure banking portal;converting the second biometric input and the second image to a secondcomposite hash value, the second composite hash value based, at least inpart, on a convolution of a numerical representation of the second checkimage and a numerical representation of the second biometric input; whenan edit distance between the second composite hash value and the firstcomposite hash value is less than a predetermined threshold distance,authorizing a release of funds from the check issuer account; and whenthe edit distance between the second composite hash value and the firstcomposite hash value is greater than a predetermined threshold distance,locking the check issuer account, the locking comprising denying arelease of funds.
 8. The method of claim 7 wherein the second biometricinput comprises multiple versions of a biometric input.
 9. The method ofclaim 8 further comprising: generating multiple versions of the secondcomposite hash value, each version of the second composite hash valuebased on a combination of the numerical representation of the secondcheck image and a numerical representation of a version of the secondbiometric input; authorizing a release of funds when an edit distanceseparating any version of the second composite hash value and the firstcomposite hash value is less than the predetermined threshold distance;and denying a release of funds when the edit distance separating everyversion of the second composite hash value and the first composite hashvalue is greater than the predetermined threshold distance.
 10. Themethod of claim 7 further comprising: generating a first randomlygenerated authentication number (RGAN) for transfer to the face of thepaper check; and associating the first RGAN with stored transactioninformation for the paper check.
 11. The method of claim 10 furthercomprising: based on one or more data segments extracted from the secondcheck image, identifying a second RGAN associated with the second checkimage; based on one or more data segments extracted from the secondcheck image, identifying transaction information associated with thesecond check information, the transaction information comprising thefirst RGAN; and generating the second composite hash value when thesecond RGAN does not correspond to the first RGAN.